linode
diff --git a/‎Makefile
Lines changed: 1 addition & 1 deletion b/‎Makefile
Lines changed: 1 addition & 1 deletion
diff --git a/‎cloud/linode/fake_linode_test.go
Lines changed: 33 additions & 16 deletions b/‎cloud/linode/fake_linode_test.go
Lines changed: 33 additions & 16 deletions
diff --git a/‎cloud/linode/loadbalancers.go
Lines changed: 8 additions & 4 deletions b/‎cloud/linode/loadbalancers.go
Lines changed: 8 additions & 4 deletions
@@ -30,7 +30,7 @@ fmt: vet $(GOPATH)/bin/goimports
 .PHONY: test
 # we say code is not worth testing unless it's formatted
 test: $(GOPATH)/bin/ginkgo fmt
-	ginkgo -r --v --progress --trace --cover --skipPackage=test -- --v=3
+	ginkgo -r --v --progress --trace --cover --skipPackage=test $(TEST_ARGS) -- --v=3
 
 .PHONY: build-linux
 build-linux:
 
@@ -353,6 +353,14 @@ func (f *fakeAPI) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 			f.nb[strconv.Itoa(nb.ID)] = &nb
 
 			for _, nbcco := range nbco.Configs {
+				if nbcco.Protocol == "https" {
+					if !strings.Contains(nbcco.SSLCert, "BEGIN CERTIFICATE") {
+						f.t.Fatal("HTTPS port declared without calid ssl cert", nbcco.SSLCert)
+					}
+					if !strings.Contains(nbcco.SSLKey, "BEGIN RSA PRIVATE KEY") {
+						f.t.Fatal("HTTPS port declared without calid ssl key", nbcco.SSLKey)
+					}
+				}
 				nbc := linodego.NodeBalancerConfig{
 					ID:             rand.Intn(9999),
 					Port:           nbcco.Port,
@@ -368,10 +376,10 @@ func (f *fakeAPI) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 					CheckTimeout:   nbcco.CheckTimeout,
 					CipherSuite:    nbcco.CipherSuite,
 					NodeBalancerID: nb.ID,
-					SSLCommonName:  "",
-					SSLFingerprint: "",
-					SSLCert:        nbcco.SSLCert,
-					SSLKey:         nbcco.SSLKey,
+					SSLCommonName:  "sslcommonname",
+					SSLFingerprint: "sslfingerprint",
+					SSLCert:        "<REDACTED>",
+					SSLKey:         "<REDACTED>",
 				}
 				f.nbc[strconv.Itoa(nbc.ID)] = &nbc
 
@@ -410,6 +418,14 @@ func (f *fakeAPI) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 			if err != nil {
 				f.t.Fatal(err)
 			}
+			if nbcco.Protocol == "https" {
+				if !strings.Contains(nbcco.SSLCert, "BEGIN CERTIFICATE") {
+					f.t.Fatal("HTTPS port declared without calid ssl cert", nbcco.SSLCert)
+				}
+				if !strings.Contains(nbcco.SSLKey, "BEGIN RSA PRIVATE KEY") {
+					f.t.Fatal("HTTPS port declared without calid ssl key", nbcco.SSLKey)
+				}
+			}
 			nbcc := linodego.NodeBalancerConfig{
 				ID:             nbcid,
 				Port:           nbcco.Port,
@@ -425,11 +441,12 @@ func (f *fakeAPI) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 				CheckTimeout:   nbcco.CheckTimeout,
 				CipherSuite:    nbcco.CipherSuite,
 				NodeBalancerID: nbid,
-				SSLCommonName:  "",
-				SSLFingerprint: "",
-				SSLCert:        nbcco.SSLCert,
-				SSLKey:         nbcco.SSLKey,
+				SSLCommonName:  "sslcommonname",
+				SSLFingerprint: "sslfingerprint",
+				SSLCert:        "<REDACTED>",
+				SSLKey:         "<REDACTED>",
 			}
+
 			f.nbc[strconv.Itoa(nbcc.ID)] = &nbcc
 			for k, n := range f.nbn {
 				if n.ConfigID == nbcc.ID {
@@ -481,10 +498,10 @@ func (f *fakeAPI) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 				CheckTimeout:   nbcco.CheckTimeout,
 				CipherSuite:    nbcco.CipherSuite,
 				NodeBalancerID: nbid,
-				SSLCommonName:  "",
-				SSLFingerprint: "",
-				SSLCert:        nbcco.SSLCert,
-				SSLKey:         nbcco.SSLKey,
+				SSLCommonName:  "sslcomonname",
+				SSLFingerprint: "sslfingerprint",
+				SSLCert:        "<REDACTED>",
+				SSLKey:         "<REDACTED>",
 			}
 			f.nbc[strconv.Itoa(nbcc.ID)] = &nbcc
 
@@ -590,10 +607,10 @@ func (f *fakeAPI) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 				CheckTimeout:   nbcco.CheckTimeout,
 				CipherSuite:    nbcco.CipherSuite,
 				NodeBalancerID: nbid,
-				SSLCommonName:  "",
-				SSLFingerprint: "",
-				SSLCert:        nbcco.SSLCert,
-				SSLKey:         nbcco.SSLKey,
+				SSLCommonName:  "sslcommonname",
+				SSLFingerprint: "sslfingerprint",
+				SSLCert:        "<REDACTED>",
+				SSLKey:         "<REDACTED>",
 			}
 			f.nbc[strconv.Itoa(nbcc.ID)] = &nbcc
 
 
@@ -232,6 +232,11 @@ func (l *loadbalancers) UpdateLoadBalancer(ctx context.Context, clusterName stri
 				return fmt.Errorf("[port %d] error creating NodeBalancer config: %v", int(port.Port), err)
 			}
 			rebuildOpts = currentNBCfg.GetRebuildOptions()
+
+			// SSLCert and SSLKey return <REDACTED> from the API, so copy the
+			// value that we sent in create for the rebuild
+			rebuildOpts.SSLCert = newNBCfg.SSLCert
+			rebuildOpts.SSLKey = newNBCfg.SSLKey
 		} else {
 			rebuildOpts = newNBCfg.GetRebuildOptions()
 		}
@@ -476,12 +481,11 @@ func (l *loadbalancers) retrieveKubeClient() error {
 
 	// Check to see if --kubeconfig was set. If it was, build a kubeconfig from the given file.
 	// Otherwise, use the in-cluster config.
-	kubeconfigPath := Options.KubeconfigFlag.Value.String()
-
-	if kubeconfigPath == "" {
+	kubeconfigFlag := Options.KubeconfigFlag
+	if kubeconfigFlag == nil || kubeconfigFlag.Value.String() == "" {
 		kubeConfig, err = rest.InClusterConfig()
 	} else {
-		kubeConfig, err = clientcmd.BuildConfigFromFlags("", kubeconfigPath)
+		kubeConfig, err = clientcmd.BuildConfigFromFlags("", kubeconfigFlag.Value.String())
 	}
 
 	if err != nil {